CSV

• Incoming feed - Advanced CSV

# Release History

# EclecticIQ Advanced CSV Extension

## 2.14.1, 3.0.1

Release date: 25 July 2023

**Added:**

- This release adds parsing of confidence, likely impact and tag entries to entities
- Maliciousness level are added to observables


## Release versions: 2.11.2, 2.10.2

Release date: 24 January 2022

**Added:**

- Users can now map CSV data to the following fields in entities:
`entity.meta.estimated_threat_start_time`, `entity.meta.estimated_threat_end_time`,
`entity.meta.estimated_threat_observed_time`.

## Release versions: 2.9.2, 2.10.1

Release date: July, 2021

### Introduction
Extension is used to ingest CSV files and transform them into EIQ TIP entities.
Each row in the CSV file ends up as a single entity in the platform.

CSV columns are mapped to specific `entity fields`. Following entity fields can be used for mapping: 

- `entity.name` - entity title or `untitled`
- `entity.type` - entity type, or `indicator` if not set
- `entity.description` - entity description 
- `entity.references` - entity references
- `entity.tags` - entity tags
- `entity.meta.estimated_threat_start_time` - entity estimated threat start time
- `entity.meta.estimated_threat_end_time` - entity estimated threat end time
- `entity.meta.estimated_observed_time` - entity estimated observed time
- `entity.observable.<observable_type>` - entity observables value per observable type 
  (no other attributes related to observables can be mapped)


**Added:**

* New option to ignore comment-like lines in CSV files.


**Features:**

* Initial release.
* Now provides the Advanced CSV incoming feed.